To be considered compatible with the Public Health Information Network (PHIN), a TB application must be able to interoperate within the PHIN environment. This means that it should be capable of exchanging Reports of Verified Cases of Tuberculosis (RVCT) information, and comply with the PHIN Messaging Services (PHIN-MS) as well as with the PHIN Vocabulary Access and Distribution System (PHIN-VADS). Each of these is briefly described below. It should be noted that this section describes PHIN compatibility and not PHIN certification. Certification is a much more involved and lengthy, formal process. Certification is not focused on specific systems or applications, but on state implementations of solutions. A COTS product cannot be certified as PHIN-compliant. Only a state implementation of that product can be certified by the certification team as compliant within a larger solution that includes both technologies as well as supporting business processes. For more information on PHIN certification please see the PHIN site.

RVCT Reporting

RVCT information is submitted to the CDC from TB control programs in all states, most large cities, and U.S. territories and commonwealths. The surveillance information requested by CDC consists of detailed reports of persons with TB, including information on the individualĖs HIV serostatus, demographics (e.g., homelessness, residence in a correctional institution, or residence in a long-term care facility), alcohol and drug use, drug therapy, and drug susceptibility results. The data are used by U.S. Public Health Service scientists and cooperating state and local health officials to help understand and control the spread of TB.

Information that would permit identification of any individual on whom a record is maintained by CDC is collected with a guarantee to the agency, institution, physician, or individual providing the information that it will be held in strict confidence, will be used only for purposes stated in this assurance, and will not otherwise be disclosed or released without the consent of the individual in accordance with Sections 306 and 308(d) of the Public Health Service Act (42 U.S.C. 242k and 242m[d]). Data or information retained by the state or local health officials or by authorized collaborating researchers will be protected in accordance with state law.

Information reported to CDC will be used without identifiers for statistical and analytic summaries in which no individual on whom a record is maintained can be identified and for special studies of the transmission, natural history, and epidemiology of TB associated with HIV infection. When necessary for confirming information, or in the interest of public health and disease prevention, CDC may confirm information contained in case reports or may notify other medical personnel or health officials of such information. In each instance, only the information necessary will be disclosed.

Collaborative research efforts with an important public health purpose will require approval by the Director of CDC pursuant to strict conditions. If disclosure of identifying information to the collaborating researchers is essential to conduct the research, a written certificate will be required that identifying information obtained from the CDC will be managed as confidential and will not be released or re-disclosed. No information that could be used to identify any individual on whom a record is maintained, whether directly or indirectly, will be made available to anyone for non-public health purposes. In particular, such information will not be disclosed to the public; parties involved in civil, criminal, or administrative litigation; or non-health agencies of the federal, state, or local government.

The selected application must support the CDC requirements for RVCT reporting. Each application should be reviewed for its ability to acquire, validate, store, and transmit the data required for the RVCT. Although each application might have a slightly different approach to the collection and dissemination of these data, all must share the goal of reducing redundancy in data entry, storage, and validation. If the ability to support electronic reporting of RVCT data is of high importance to you, then support from the TIMS import team for a test of the accuracy of data validation, processing, and output should be requested. Once the TB Surveillance PAM is available as part of the National Electronic Disease Surveillance System (NEDSS), there will be a published message specification that all output transmission will need to meet. Each vendor should be requested to generate one or more sample messages for verification. Once you have acquired and installed an application, the PHIN Certification Center will test the message and assist in any modifications required to bring the messaging into compliance.

Local policies regarding the security and confidentiality of such information, especially HIV test results, must adhere to all laws applicable in state and local jurisdictions. These protections should include the use of TB surveillance databases. These databases should be encrypted to protect information during transfers of data for reporting purposes. Although such databases allow for the collection and storage of personal identifiers such as names and street addresses for local and state TB surveillance purposes, these identifiers are not transmitted to CDC. In general, any surveillance information sent through the mail should be stamped "confidential," addressed to a specific person (or sent to that personís attention), and sent by secure mail. These precautions will help to limit unauthorized access to surveillance information.

PHIN Messaging Services (PHIN-MS)

Applications should adhere to the PHIN messaging standards. The PHIN-MS is a generic, standards-based, interoperable, and extensible message transport system. It is platform-independent and loosely coupled with systems that produce outgoing messages or consume incoming messages. PHIN-MS provides the services for secured and reliable data interchange.

The PHIN-MS consists of two pieces: (1) a client that can run on a typical workstation, and (2) a server that must be run in conjunction with a web server. Both pieces are written in pure Java and are certified to run on most of the typical platforms. The client is capable of sending messages at any time, receiving acknowledgements to those messages, and receiving messages with the help of a central server. The server is capable of both sending and receiving messages at any time.

The interface into the messaging system is through queues that allow almost any application, written in any language to make use of the system. To send a message, the application drops the file into a database queue or directory along with some addressing information. The PHIN-MS client retrieves the file, places it in an ebXML wrapper, encrypts it and signs it if appropriate, and then transports it over the Internet.

The application does not need to know ebXML. Likewise, on the receiving end, the PHIN-MS receiver receives the message, decrypts it, checks the signature, removes it from the ebXML wrapper, and drops the message in a queue. The application only needs to pull the file from the queue to get the message for processing. Any type of file may be sent using the PHIN- MS, not just XML.

Specification guides for the electronic exchange of various types of data are available on the PHIN website:

PHIN Vocabulary Access and Distribution System (PHIN-VADS)

An agreed upon and readily comprehensible vocabulary is critical to support the information flow within public health organizations and between public health organizations and their partners. The PHIN Vocabulary standards enable the interoperable exchange of information among public health partners. Applications should comply with the appropriate PHIN Vocabulary standards.

In a broad sense, PHIN Vocabulary refers to all terminology used within public health. However, this section discusses a more focused type of vocabulary, the vocabulary needed to enable the interoperable exchange of information between systems. This is vocabulary for coded data items (sometimes referred to as a coded concept) within systems. Examples of coded data items include lab test codes, condition codes, and assay types.

The goal of PHIN Vocabulary is to promote and use currently available industry standards, such as SNOMED condition codes, for codes and terms. PHIN Vocabulary may extend industry standards when gaps are identified. Another goal of PHIN Vocabulary is to define vocabulary that is standard across diseases, such as case management vocabulary, while allowing disease- specific vocabulary.

Each coded data item in PHIN Vocabulary is associated with industry standard code sets (e.g., HL7, LOINC, SNOMED, FIPS). Code sets contain the valid values for coded data items. For example, TB Anatomic Sites of Disease are defined with SNOMED values (e.g., Pulmonary=T-28000, Pleural= T-29000, Lymphatic-Cervical=T-C6200).

PHIN -VADS provides for the versioning, provisioning, customization, and synchronization of vocabulary, as defined below.

  • Versioning - the PHIN Vocabulary Data Store provides a hierarchical, fine-grained versioning system that allows users to update components of the data store and to access the history of changes to any part of the data store
  • Provisioning - the data store is designed for distribution of all or portions of the vocabulary store to multiple organizations
  • Customization - organizations can modify their local vocabulary data store to meet their specific needs
  • Synchronization - changes to one data store can be ported to other data stores. Users can control which updates are incorporated into their store and which are rejected
For more information on PHIN Vocabulary and the PHIN-VADS go to

Skip Navigation | Assessment Guide | How to Get Started | Requirements Definition | Business Models | Support | Data Migration
Local Enhancements and Customizations | Costs | Funding | PHIN Compatibility | Decision Model Tool | Glossary | Results